Organizations and agencies continue struggling to define cyberthreat or ping defensive measures . The dawn of 2019 surprises us with...
We just need to take a look back to 2018, one of the most scandalous years in terms of ransomware, Wanna cry, Petya and other means of cyber attacks that breached data system of world digital giants like Google, Microsoft and Yahoo. Companies such as Facebook and Marriot were involved, affecting more than 500 million people. According to the consulting company Juniper Research, in 2020 the average cost of a data breach will be 150 million dollars while cybercrime will cause losses close to 2 trillion. Several experts in cybersecurity agree that this year will be one of the most difficult to face for companies and point out these as the cyber threats in 2019. Several experts in cybersecurity agree that this year will be one of the most difficult to face for companies and other state agencies, pointing out these unprecedented cyber threats unfolding.
Cyber Threat's Trends & Cryptojacking
2019 has surprised us with technological improvements that boost the global connectivity and revolutionalised new technologies such as the implementation of the 5G network. However, this also means the evolution of cyber threats, the companies and each individual person must face, since technological improvements become new opportunities for the development of more powerful and sophisticated malware. If the recent and explosive growth of ransomware is any indication, criminal organizations will continue to employ malware for profit.
Cryptojacking is the surreptitious and unauthorized use of a computer for the resource and power-demanding requirements of cryptocurrency mining. The attack essentially creates a cryptomining bot, and the attacker may coopt many systems to create a botnet. Cryptojacking, also known as crypto mining malware, uses both invasive methods of initial access and drive-by scripts on websites such as botnet to steal resources from unsuspecting victims.
Due to its ease of deployment, lots of risk trends continue to increase in 2019. According to Kaspersky, a botnet or DDoS attack is due at server or ISP level. However, for a common user, the best defense is to update all the software installed in the computer and avoid clicking on suspicious links. Unfortunately, the ingenuity of many users when opening malicious links is the main causes of malware expansion allowing hackers to build botnets faster.
Software Subversion
While social engineering and its exploitation of software flaws is a longstanding tactic used in cyber attacks, efforts to actively subvert software development processes are also increasing. In some cases, developers are specifically targeted for such an attack. Malware has also been detected in certain open source of daily usages like internet browsers and whole bunches of App software libraries. As software code becomes more complex and dynamic, opportunities for corruption increase as well. What is social engineering? It is a method used by cybernetic hackers to obtain sensitive or confidential information through the manipulation of legitimate users. Some examples of social engineering are phishing and pharming. The case of pharming is special since it steals information by modifying the queries to DNS servers in real time. Then modify the host file that handles all web queries.
In 2019, we see a continued increase in the use of third-party applications or services as a "back channeler'' into networks via corruption of the third-party firmware or software especially when a people updating their electronic devices, the exist loophole has been exacerbated by the rapid growth of the Cryptocurrency Ecosystem as well as eCommerce. Such back channels designed to bypass most traditional protective and detection capabilities such firewalls include anti-virus system that intended to prevent external intrusions and hacking incidents, thus allowing infection of a corporate or whole governmental network.
Cyber Threats
The fear of uncertainty and doubt still engulfed many nations when it comes to the cybersecurity particularly in a political landscape where the concerns of election technologies. Infrastructure security: Typically, power plants, manufacturing facilities, telecommunications networks, financial institutions, emergency services and electoral voting machines/software. This draws us into the spotlight of election hacking and hefty budget trying to deduce a way how to prevent it. The election interference capabilities continue to grow as many countries look forward to hold the presidential and general elections this year and the U.S in 2020 respectively.
The requirement that organizations must report a personal data breach within 72 hours of becoming aware of it, following the events has occurred: (1) a personal data breach, or (2) events that have a "reasonable likelihood of materially harming any material part of the normal operation(s)" of the regulated entity. These 72-hour timeframes significantly accelerate reporting, putting pressure on organizations to mature their incident response and resiliency capabilities in order to meet these new mandates and challenges.
Cyber Vulnerability
The Vulnerabilities Equities Process (VEP) is a modern method employed to balances whether to disseminate vulnerability or compromised information to the local businesses, vendors or share it with the suppliers in the expectation that it will be patched, or temporarily withheld such knowledge of the vulnerability in a restrict confidential to such extent that it can be used for national security and law enforcement purposes; in the operations such as counterintelligence/military campaigns to follow-on-action of the of adversary or hackers.
The exposure and subsequent exploitation of the NSA's EternalBlue have amplified calls to address the vulnerability equities issue by increasingly tipping the scales toward disclosure. Sharing Act (CISA) was passed to improve cybersecurity through enhanced information sharing between the public and private sectors. Although it offers liability protections for the private sector, many large companies continue to be reticent to share sensitive, potentially risk-reducing information with peers and the government.
Ambiguity In Lines Of Defense
Organizations continue to struggle with defining and implementing effective first and second lines of defense. While there is a general consensus that first line defense consists of information security operations and second line defense is responsible for cyber risk oversight, security practitioners, risk managers, and regulatory bodies are not consistently aligned on the practical implementation of these concepts. Ambiguity in this area represents significant organizational and risk mitigation implications.
Organizations are embracing the MITRE ATT&CK™ a globally-accessible knowledge base of adversary tactics and techniques based on real-world observation model. In order to governments and corporations innovate a slew of new products and services that provide better, granular modelling related to threat tactics, techniques, and procedures. Disclosure Requirements: The guidance focuses on two topics: (1) the importance of maintaining comprehensive cyber policies and procedures, particularly as they relate to timely disclosure of material cyber risks and incidents, and (2) the application of insider trading prohibitions to material cybersecurity risks and incidents.
Recent incidents at Yahoo, Uber, and Equifax have forced some governments and public companies to take a harder look at breach disclosure norms. The threshold disclosure question is one of materiality—i.e., whether there is a "substantial likelihood that the data breach affects third-party example suppliers, investors or consumers. Cybersecurity policy expects all public companies to disclose the extent of the risk involved so that senior management and boards understood the cyber risk and such that they can make informed judgments and decisions.
Cyber Policy
Domestic data privacy and security legislation is one of the key factors dominating the milieu of National Security in the 21st century. The implementation of the General Data Protection Regulation (GDPR), in European zone will help drive domestic efforts for comprehensive data security and privacy legislation, through a secure process and more responsible manners. The GDPR became enforceable on 25 May 2018. Hopefully, other geopolitical regions such as Africa, Latina, Asia and individual states are expected to follow suit.